Listing of the Claims 

Claims 1-38 are pending. 

Claims 1, 5-13, 16, 17, 19-23 27, 28, 30-34, 37, and 38 are amended. 
No claims are canceled or withdrawn. 

1. (Currently Amended) A method for use by a server coupled to one or 
more client devices in a distributed computing environment, the method 
comprising: 

hosting a set of resources; 

receiving a request for a client user to perform an operation on a resource 
of the resources, the request being received by an application hosted by the 
server; and 

determining whether to authorize the operation as a function of whether 
the client user has been delegated administrative authority by a server 
administrator to perform the operation with respect to the resource, the 
administrative authority being independent of whether the client user is a member 
of an administrators group associated with any resource of the server. 

2. (Previously Presented) A method as recited in claim 1, wherein the 
determining whether to authorize the operation is performed by a secure 
delegation administration framework. 

3. (Original) A method as recited in claim 1, wherein the operation is 
associated with modification of content and/or functionality of the resource. 
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4. (Original) A method as recited in claim 1, wherein the resource is 
represented as an Internet Information Service (IIS) metabase node. 

5. (Currently Amended) A method as recited in claim 1, wherein the 
request comprises a scope associated with the client user, and a name of a method 
associated with the operation. 

6. (Currently Amended) A method as recited in claim 1, wherein the 
resource is a Web site hosted by an Internet Service Provider (ISP), and wherein 
the client user is not authorized to perform administrative activities on any 
resources associated with the ISP except by sending the request to the ISP for 
permission evaluation by the secure delegation administration framework. 

7. (Currently Amended) A method as recited in claim 1, wherein the 
request further comprises an indication of whether the client user desires to 
execute the operation via a dynamically built command line or via an executable 
object already associated with the operation. 

8. (Currently Amended) A method as recited in claim 1, wherein the 
request further comprises an indication of whether the client user desires to log a 
result of the operation. 

9. (Currently Amended) A method as recited in claim 1, wherein the 
secure delegation administration framework is secure at least because it does not 
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allow the client user access to a mapping of user role-based permission to perform 
the operation directed to the resource. 

10. (Currently Amended) A method as recited in claim 1, wherein the 
method further comprises: 

installing the application on the server; 



application can perform; 

mapping , by a member of the adm i nistrators group, the operations to a set 
of security permissions based on authorization specific role(s) of a set of users 
comprising the client user; and 

wherein determining further comprises the application utilizing the 
mapping to identify whether the client user has permission to perform the 
operation. 

11. (Currently Amended) A method as recited in claim 1, wherein the 
method further comprises: 

specifying , by a mombor of the administrators group, role-based user access 
permissions to nodes of an Internet Information Services (IIS) metabase identifying 
the resources; 

indicating an interface to a task, the interface comprising a set of 
parameters and a name, the task comprising the operation; and 
wherein determining further comprises: 




■identifying a set of operations that the 



locating the interface in a configuration file; 
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responsive to locating the interface, presenting an identity of the 
client user to the resource to evaluate a scope in view of the parameters 
and the name and the resource; and 

responsive to the presenting, identifying whether the client user has 
been delegated a role-based access permission to perform the operation 
with respect to the resource. 

12. (Currently Amended) A method as recited in claim 1, wherein 
responsive to determining that the client user has been delegated authority to 
perform the operation with respect to the resource, the method further 
comprises: 

setting parameters associated with the operation; and 

executing the operation within a scope associated with the client user. 

13. (Currently Amended) A computer-readable medium for use in a 
distributed computing environment including a server and one or more client 
computing devices coupled to the server, the computer-readable medium 
comprising computer-executable instructions that, when executed, cause one or 
more processors to perform acts including: 

hosting a set of resources, a particular resource of the resources allowing a 
client user to determine whether the client user has delegated authority to access 
a resource of the resources; 

receiving a request from the client user to perform an operation on the 
resource; and 
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determining whether to authorize the operation as a function of whether 
the client user has been delegated a role-based scope of authority by a server 
administrator to perform the operation, the role-based scope of authority not 
requiring the client user to be a member of an administrators group associated 
with any resources of the server. 

14. (Original) A computer-readable medium as recited in claim 13, 
wherein the operation is associated with modification of content and/or 
functionality of the resource. 

15. (Original) A computer-readable medium as recited in claim 13, 
wherein the resource is represented as an Internet Information Service (IIS) 
metabase node. 

16. (Currently Amended) A computer-readable medium as recited in 
claim 13, wherein the request comprises a scope associated with the client user, 
and a name of a method associated with the operation. 

17. (Currently Amended) A computer-readable medium as recited in 
claim 13, wherein the resource is a Web site hosted by an Internet Service Provider 
(ISP), and wherein the client user is not a member of the administrators group. 

18. (Original) A computer-readable medium as recited in claim 13, 
wherein the request further comprises an indication of whether the operation is to 
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be executed via a dynamically built command line or via an executable object 
already associated with the operation. 

19. (Currently Amended) A computer-readable medium as recited in 
claim 13, wherein operations associated with determining whether to authorize 
the operations are secure at least because the client user does not have access to 
user role-based permission(s) to perform the operation. 

20. (Currently Amended) A computer-readable medium as recited in 
claim 13, wherein the computer-executable instructions comprise instructions that 
cause the one or more processors to perform acts further including: 

identifying a set of operations associated with the resource; 

mapping the operations to a set of security permissions, the security 
permissions being based on authorization specific role(s) of a set of users 
comprising the client user; and 

wherein the instructions for determining further comprise instructions for 
utilizing the mapping to identify whether the client user has permission to perform 
the operation. 

21. (Currently Amended) A computer-readable medium as recited in 
claim 13, wherein the computer-executable instructions comprise instructions that 
cause the one or more processors to perform acts further including: 

securely specifying role-based user access permissions to nodes of an 
Internet Information Services (IIS) metabase identifying the resources; 
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indicating an interface to a task, the interface comprising a set of 
parameters and a name, the task comprising the operation; and 

wherein the computer-executable instructions for determining further 
comprise instructions for: 

locating the interface in a configuration file; 

responsive to locating the interface, presenting an identity of the 
client user to the resource to evaluate a scope in view of the parameters 
and the name and the resource; and 

responsive to the presenting, identifying whether the client user has 
been delegated a role-based access permission to perform the operation 
with respect to the resource. 

22. (Currently Amended) A computer-readable medium as recited in 
claim 13, wherein the computer-executable instructions, responsive to 
determining that the client user has been delegated authority to perform the 
operation with respect to the resource, comprise instructions that cause the one 
or more processors to perform acts further including: 

setting parameters associated with the operation; and 

executing the operation within a scope associated with the client user. 

23. (Currently Amended) A server for use in a distributed computing 
environment including the server and one or more client computing devices 
coupled to the server, the server comprising: 

one or more processors; and 
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a memory coupled to the one or more processors, the memory comprising 
computer-executable instructions that cause the one or more processors to 
perform acts including: 

hosting a set of resources; 

receiving a request from a client user to perform an operation on a 
resource of the resources; and 

determining whether to authorize the operation as a function of 
whether the client user has been delegated a role-based scope of authority 
by a server administrator to perform the operation, the role-based scope of 
authority not requiring the client user to be a member of an administrators 
group associated with resources of the server. 

24. (Original) A server as recited in claim 23, wherein the request is 
generated by at least one resource of the resources. 

25. (Original) A server as recited in claim 23, wherein the operation is 
associated with modification of content and/or functionality of the resource. 

26. (Original) A server as recited in claim 23, wherein the resource is 
represented as an Internet Information Service (IIS) metabase node. 

27. (Currently Amended) A server as recited in claim 23, wherein the 
request comprises a scope associated with the client user, a name of a method 
associated with the operation. 
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28. (Currently Amended) A server as recited in claim 23, wherein the 
resource is a Web site hosted by an Internet Service Provider (ISP), and wherein 
the client user is not a member of the administrators group. 

29. (Original) A server as recited in claim 23, wherein the request further 
comprises an indication of whether the operation is to be executed via a 
dynamically built command line or via an executable object already associated 
with the operation. 

30. (Currently Amended) A server as recited in claim 23, wherein the 
secure delegation administration framework is secure at least because it does not 
allow the client user access to a mapping of user role-based permission to perform 
the operation directed to the resource. 

31. (Currently Amended) A server as recited in claim 23, wherein the 
computer-executable instructions comprise instructions that cause the one or 
more processors to perform acts further including: 

identifying a set of operations associated with the resource; 

mapping the operations to a set of security permissions based on 
authorization specific role(s) of a set of users comprising the client user; and 

wherein the instructions for determining further comprise instructions for 
utilizing the mapping to identify whether the client user has permission to perform 
the operation. 
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32. (Currently Amended) A server as recited in claim 23, wherein the 
computer-executable instructions comprise instructions that cause the one or 
more processors to perform acts further including: 

securely specifying role-based user access permissions to nodes of an 
Internet Information Services (IIS) metabase, the nodes identifying the resources; 

indicating an interface to a task, the interface comprising a set of 
parameters and a name, the task comprising the operation; and 

wherein the computer-executable instructions for determining further 
comprise instructions for: 

locating the interface in a configuration file; 

responsive to locating the interface, presenting an identity of the 
client user to the resource to evaluate a scope in view of the parameters 
and the name and the resource; and 

responsive to the presenting, identifying whether the client user has 
been delegated a role-based access permission to perform the operation 
with respect to the resource. 

33. (Currently Amended) A server as recited in claim 23, wherein the 
computer-executable instructions, responsive to determining that the client user 
has been delegated authority to perform the operation with respect to the 
resource, comprise instructions that cause the one or more processors to perform 
acts further including: 

setting parameters associated with the operation; and 

executing the operation within a scope associated with the client user. 
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34. (Currently Amended) A server^ comprising: 
means for hosting a set of resources; 

means for receiving a request from a client user to perform an operation on 
a resource of the resources; and 

means for determining whether to authorize the operation as a function of 
whether the client user has been delegated a role-based scope of authority by a 
server administrator to perform the operation, the role-based scope of authority 
not requiring the client user to be a member of an administrators group associated 
with the server. 

35. (Original) A server as recited in claim 34, wherein the operation is 
associated with modification of content and/or functionality of the resource. 

36. (Original) A server as recited in claim 34, wherein the resource is an 
Internet Information Service (IIS) metabase node. 

37. (Currently Amended) A server as recited in claim 34, wherein the 
resource is a Web site hosted by an Internet Service Provider (ISP), and wherein 
the client user is not a member of the administrators group. 

38. (Currently Amended) A server as recited in claim 34, wherein 
responsive to determining that the client user has been delegated authority to 
perform the operation with respect to the resource, the server further comprises: 

means for setting parameters associated with the operation; and 



lee@hayes pile 509.324.9256 



-12- 



Attorney Docket No. MS1-1684US 
Serial No. 10/650,891 



means for executing the operation within a scope associated with the client 

user. 
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